Google has introduced yet another hacking contest – The Project Zero Prize. Google says, the goal of the Project Zero Security Contest is to find a vulnerability or bug chain that achieves remote code execution on multiple Android devices knowing only the devices’ phone number and email address. The company will award cash prizes to participants who can hack a Nexus 6P and Nexus 5X knowing only the devices’ phone number and email address.
What is the Contest Structure?
For the exploit to occur, a user can open an email in Gmail or an SMS text in Messenger. Beyond this, no other user interaction is allowed. The participants must use the same bug chain on both Nexus devices. A unique bug can be used if a security feature on one device has an advantage over the other device, if it does not have the same. Participants can report the bugs in the Android issue tracker and they can then be used as a part of submission by the participant any time during the six month contest period.
Prizes
-
First Prize – The winning entry will receive $200,000 (about £151,721, AU$268,391, INR 13382000)
-
Second Prize – The second winning entry will receive $100,000 (about £75,860, AU$134,195, INR 6691000)
-
Third Prize – The additional winning entries will get at least $50,000 (about £37,930, AU$67,097, INR 3345500)
The winning participants will also write a short technical report on their entry, which will then be published on the Project Zero blog.
Participation and Contest duration
The Project Zero Security Contest is open to all worldwide except for Italy, Brazil, Quebec, Crimea, Cuba, Iran, Syria, North Korea and Sudan. The Contest begins at 12:00:00 A.M. Pacific Time (PT) Zone September 13, 2016 and ends at 11:59:59 P.M. PT on March 14, 2017.
Why Google is offering such whooping amount as a cash prize? Actually these kind of reward programs help companies to discover many unique, high-quality security bugs as a result of hacking contests. The motive of these type of contest is to gain information about how these bugs and exploits work and to get dangerous bugs fixed so they don’t impact users.
For more Information and details about the Google Project Zero Contest, check out the contests’ official rules here.
